DDoS Attacks in the Second Quarter of 2019: Increasing Attack Bandwidths
Link11, a leader in cloud-based anti-DDoS protection, has published its DDoS statistics for Q2 2019. The data shows that the quarter saw a massive 97% year-on-year increase in average attack bandwidth, up from 3.3Gbps in Q2 2018 to 6.6Gbps in Q2 2019.
These attacks are easily capable of overloading many companies’ broadband connections. There are several DDoS-for-hire services offering attacks between 10 and 100 Gbps for a modest fee. Currently, one DDoS provider is offering free DDoS attacks of up to 200 Mbps bandwidth for a duration of five minutes.
The maximum attack volumes seen by Link11 between April and June 2019 also increased by 25% year-on-year, to 195Gbps from 156Gbps in Q2 2018. In addition, 19 more high-volume attacks with bandwidths over 100 Gbps were registered in Q2 2019.
Rolf Gierhard, Vice President Marketing at Link11 said: "Too many companies still have the wrong idea when it comes to the threat posed by DDoS attacks. Our data shows that the gap between attack volumes, and the capability of corporate IT infrastructures to withstand them, is widening from quarter to quarter. Given the scale of the threat that organizations are facing, and the fact that the attacks are deliberately aimed at causing maximum disruption, it’s clear that businesses need to deploy advanced techniques to protect themselves against DDoS exploits."
Increasing complexity of attacks
Multi-vector attacks posed an additional threat in Q2 2019, with a significant increase in complex attack patterns. The proportion of multi-vector attacks grew from 45% in Q2 2018 to 63% in the second quarter of 2019. Attackers most frequently combined three vectors (47%), followed by two vectors (35%) and four vectors (15%). The maximum number of attack vectors seen was seven.
Further findings from Link11’s Q2 DDoS statistics include:
- 20 DDoS attacks resulted in bandwidth peaks in excess of 100 Gbps
- The largest attack registered by Link11’s network reached a peak bandwidth of 195 Gbps
- The highest packet rate seen was 46 million packets per second
- The longest attack during the quarter lasted 1,938 minutes, i.e. over 32 hours
- The most important amplification reflection vector for achieving large attack volumes is still DNS reflection. According to data from the market research company IDC, more than 80% of companies have already been hit by a DNS attack.*
The data is based on defended attacks on websites and servers that are protected by Link11. In addition to network analyses and evaluation of DDoS attack data, the Link11 DDoS report also makes use of open source intelligence (OSINT) analyzes. Further current data on DDoS attacks and attempts can be found in the Link11 DDoS blog.
* IDC: Global DNS Threat Report 2019, https://www.networkworld.com/article/3409719/worst-dns-attacks-and-how-to-mitigate-them.html
Stay updated on current DDoS reports, warnings, and news about IT security, cybercrime and DDoS protection.
Follow Link11 on Twitter
The Link11 360° degree DDoS Protection is... ➡️ Smarter: AI-based Whitelisting approach ➡️ Faster: Attack mitigati…
5 Retweets 4Read More
The European Organisation for Safety of Air Navigation revealed new cyber security statistics!…
1 Retweets 3Read More
➡️ Link11 Report discovers record number of DDoS attacks in first half of 2021. 1) DDoS at…
9 Retweets 7Read More
The European Union Agency for Cybersecurity (= ENISA) identified the most common cyber challenges/threats and issu…
5 Retweets 8Read More
⚠️ Have you been the target of a DDoS/ransomware attack, or even an extortion attempt? If this happens, don't worry…
3 Retweets 2Read More
https://t.co/a0lf7SPB37 Want to see more interesting facts, data and insights from the Cyber- & DDoS Attack threats…
15 Retweets 8Read More
❗ ️Warning: New wave of ransom DDoS attacks by Fancy Lazarus! Are you also affected? Don't worry, there are things…
6 Retweets 3Read More
Electronic Arts has suffered a big data breach resulting in hackers getting away with important source code for gam…
1 Retweets 1Read More
https://t.co/HqsAkp4Wk2 Are you passionate/curious about cybersecurity? Subscribe to our monthly Newsletter and sta…
7 Retweets 4Read More
Proven and robust cyber security can have a positive impact on a company's credit rating - or damage it if the impl…
2 Retweets 2Read More